Ask a Question Register Login

php - PreAuthorize annotation of Symfony2 JMSSecurityExtraBundle not working

691

Using the JMSSecurityExtraBundle of Symfony2 I try to create my own expression method and bind it in a controller using the PreAuthorize annotation.

I don't know why but the method is never fired, and the security bundle while trying to evaluate the PreAuthorize annotation concludes with a "Token does not have the required roles.". Seems like is trying to validate roles and not to resolve the PreAuthorize expression.

Example about what I'm trying to do:

<?php

namespace Acme\HelperBundle\Security;

use Symfony\Component\DependencyInjection\ContainerInterface;
use JMS\DiExtraBundle\Annotation as DI;

/** @DI\Service */
class RequestAccessEvaluator
{
    private $container;

    /**
     * @DI\InjectParams({
     *     "container" = @DI\Inject("service_container"),
     * })
     */
    public function __construct(ContainerInterface $container)
    {
        $this->container = $container;
    }

    /** @DI\SecurityFunction("isAllowed") */
    public function isAllowed()
    {
        return true;
    }
}

My Controller:

   /**
     * 
     * @PreAuthorize("isAllowed()")
     * @Route("/bla/{id}")
     * @Method({"POST"})
     * @return json
     */
    public function postBlaAction(Request $request, $id)
    {
793

Answer

Solution:

I finally solved my problem... actually I missed that config.

It worked just putting that in my config.yml and setting the option "expressions" to true.

People are also looking for solutions to the problem: php - Lookup the subnets of many IPs in a fast way

Source

Didn't find the answer?

Our community is visited by hundreds of web development professionals every day. Ask your question and get a quick answer for free.

Ask a Question

Write quick answer

Do you know the answer to this question? Write a quick response to it. With your help, we will make our community stronger.

Similar questions

Find the answer in similar questions on our website.